I don't know if this is the right place to post this, but it seems to be close enough to fit my question.

I almost always monitor my system, no matter what operating system I'm using. Typically what I do is run sudo netstat -tcp to monitor any connections and keep the firewall running in the background. 99% of all of these connections were from Skype and Firefox. Now that I'm on 3.4 I'm noticing a new connection - mistletoe.canonica:http CLOSE_WAIT 13036/ubuntu-geoip-.

I don't trust Canonical very much, especially after the mishap with the Amazon Lenses, but this is something I've never noticed on any of my Linux installs. Is this normal? What information is being sent? I can't seem to find any information on this Geoip, but I can find guides to remove it. I'm guessing the developers and mods have probably seen this before, or something like it.